As noted by 9to5Mac, researchers have found flaws in the HTML rendering of Apple Mail on Mac and iOS, as well as Mozilla Thunderbird, that allows attackers to extract decrypted plain text from encrypted mail messages. The primary issue affecting involves a method that uses multipart responses to exploit HTML rendering issues.
If an attacker obtains encrypted email content from someone, it’s possible to send that encrypted text back to the user and reveal the decrypted plaintext form without ever having access to the sender’s private encryption keys.
However, the GPGTools/GPGMail team has posted a temporary workaround against the vulnerability, while MacRumors has compiled a separate guide to removing the popular open source plugin for Apple Mail until a fix for the vulnerability is released.
Like this article? Consider supporting Apple World Today with a $5 monthly Team AWT membership.
In his latest “Power On” newsletter, Bloomberg’s Mark Gurman says Apple is preparing a new…
In his latest “Power On” newsletter, Bloomberg’s Mark Gurman says Apple won’t debut a new…
As you’ve probably noticed (at least I hope you have, or else I’ve made a…
Here are the top Apple-related articles at Apple World Today for the week of May…
One of the biggest reasons people are starting to lean on AI for knowledge and…
The internet offers infinite forms of entertainment, and the world of on-line gaming isn't any…